bpfire

mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-14 04:52:59 +02:00

Author	SHA1	Message	Date
Michael Tremer	82e295c23e	core117: Ship updated CA bundle Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-11-13 23:18:00 +00:00
Peter Müller	2d735404b6	update ca-certificate CA bundle Update the CA certificate list to what Mozilla NSS ships currently. Signed-off-by: Peter Müller <peter.mueller@link38.eu> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-11-13 23:14:59 +00:00
Michael Tremer	0a38f7938a	core117: Ship changes in pakfire Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-11-13 22:41:58 +00:00
Peter Müller	bb6481a820	validate GPG keys by fingerprint Validate GPG keys by fingerprint and not by 8-bit key-ID. This makes exploiting bug #11539 harder, but not impossible and does not affect existing installations. Signed-off-by: Peter Müller <peter.mueller@link38.eu> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-11-13 22:41:21 +00:00
Michael Tremer	b7a5076ca0	core117: Ship latest GeoIP changes Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-11-13 22:39:36 +00:00
Michael Tremer	00793c27c9	GeoIP: Add lookup function for convenience Instead of opening the database again for each lookup, we will read it into memory on first use and every lookup after that will be coming from cache. Reviewed-by: Peter Müller <peter.mueller@link38.eu> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-11-13 22:37:19 +00:00
Michael Tremer	b1ad5b8b6c	geoip-functions.pl: Fix typos and formatting Reviewed-by: Peter Müller <peter.mueller@link38.eu> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-11-13 22:37:03 +00:00
Michael Tremer	5a4fb99e8a	make.sh: Default to armv5tel on armv7* build hosts We won't offer a native port to ARMv7 in the near future and to default to an architecture that is working on these machines, we select armv5tel as default Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-11-13 21:56:27 +00:00
Michael Tremer	32e6d3e320	Revert "make.sh: Use -pipe in CFLAGS when host has >1GB of memory" This reverts commit `7e1639a481`. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-11-13 21:49:15 +00:00
Michael Tremer	9bb4055367	captive portal: Require authorization before redirecting to proxy Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-11-11 12:48:54 +00:00
Michael Tremer	81f6550cfb	core117: Ship updated routing.cgi Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-11-07 16:20:53 +00:00
Alexander Marx	51141b150d	BUG11466: fix routing.cgi the function call in routing.cgi was fixed to call the new "exact" function. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-11-07 16:20:29 +00:00
Alexander Marx	3f3974b711	Network-functions: add check if variables are defined in function network_equal and network2bin a check for undefined variables were missing. added them. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-11-07 16:19:23 +00:00
Michael Tremer	d6b92a118e	core117: Ship updated network-functions.pl Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-11-07 16:16:50 +00:00
Alexander Marx	1047805dba	BUG11466: Fix network_equal function The network_equal function only tested the subnet addresses of two given networks which lead to errormessages saying "This is the green network" The fix tests netwok and subnet IP's to fix this Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-11-07 16:16:18 +00:00
Michael Tremer	b3d2f86b87	core117: Ship changed files of the webUI Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-11-07 16:14:36 +00:00
Peter Müller	725396af2c	link to HTTPS version of www.ipfire.org in WebUI Change links to www.ipfire.org in WebUI themes since the website now uses HTTPS. Signed-off-by: Peter Müller <peter.mueller@link38.eu> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-11-07 16:14:36 +00:00
Peter Müller	eea4969dff	Tor: Use relay mode as default setting Set the default operating mode to "relay" in the Tor WebUI configuration page. Running a Tor exit relay may cause legal trouble in some countries and should not be the default setting to prevent users from accidentally running an exit router. Signed-off-by: Peter Müller <peter.mueller@link38.eu> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-11-07 16:14:36 +00:00
Michael Tremer	bb3272dad3	Start Core Update 117 Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-11-07 16:14:36 +00:00
Michael Tremer	682a6b2dc8	unbound: Silence error when upstream name servers cannot be read Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-11-07 16:02:28 +01:00
Michael Tremer	a98ab1d7fd	make.sh: Calculate MAKETUNING depending on available memory Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-11-07 15:43:14 +01:00
Michael Tremer	4f1cce84fb	make.sh: Remove setting the EDITOR variable which we don't use Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-11-07 15:27:31 +01:00
Michael Tremer	1445a5ac43	make.sh: Add function to determine how many CPU cores the build host has Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-11-07 15:25:11 +01:00
Michael Tremer	7e1639a481	make.sh: Use -pipe in CFLAGS when host has >1GB of memory Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-11-07 15:27:00 +01:00
Michael Tremer	5190eea24f	make.sh: Determine how much memory the build host has Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-11-07 15:25:56 +01:00
Michael Tremer	ad1204e4eb	captive: One month is only 30 days instead of 210 Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-11-06 19:07:10 +00:00
Arne Fitzenreiter	5c8acc789b	core116: stop apache before extracting updated files Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2017-11-03 16:40:23 +01:00
Arne Fitzenreiter	9843bb7b5a	core116: replace apache restart by stop and start restart seems not work after replace apache... Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2017-11-03 14:28:22 +01:00
Arne Fitzenreiter	ae8e242bc1	core116: ship updated wget Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2017-11-03 14:22:19 +01:00
Arne Fitzenreiter	4f248f7a70	finish core116 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2017-11-02 22:48:58 +01:00
Arne Fitzenreiter	578171927d	core116: set need_reboot flag Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2017-11-02 22:48:43 +01:00
Arne Fitzenreiter	ee328f16bf	core116: ship openssh Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2017-11-02 22:46:47 +01:00
Arne Fitzenreiter	6744cd4d68	core116: fix openssl symlink Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2017-11-02 22:45:25 +01:00
Michael Tremer	770c2c5222	wget: Update file extension Upstream does not distribute XZ compressed tarballs any more Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-11-02 15:38:11 +00:00
Michael Tremer	4a510319ca	openssl: Update to 1.0.2m * bn_sqrx8x_internal carry bug on x86_64 (CVE-2017-3736) * Malformed X.509 IPAddressFamily could cause OOB read (CVE-2017-3735) Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-11-02 15:31:04 +00:00
Michael Tremer	a016c0ce6a	wget: Update to 1.19.2 Fixes CVE-2017-13089 A stack-based buffer overflow when processing chunked, encoded HTTP responses was found in wget. By tricking an unsuspecting user into connecting to a malicious HTTP server, an attacker could exploit this flaw to potentially execute arbitrary code. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-10-29 18:33:03 +00:00
Michael Tremer	7dadc13829	core116: Ship updated apache Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-10-28 13:36:27 +01:00
Wolfgang Apolinarski	bf24eeec20	Update to Apache 2.4.29 Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-10-28 13:35:43 +01:00
Michael Tremer	63420a96b6	core116: Ship updated proxy.cgi Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-10-23 16:29:09 +01:00
Matthias Fischer	c4b12981e2	proxy.cgi: Even more cosmetics Another clickable link for 'proxy.cgi', this time for 'Cache Manager Interface' - this one opens in a new window. And: This time - hopefully - with correct '_blank'-attribute (deleted the backslashes) - based on current 'next'. Plus: Deleted some "blind" tabs - found by chance. Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-10-23 16:28:29 +01:00
Michael Tremer	b47d4bc1ea	core116: Ship snort Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-10-23 16:26:39 +01:00
Matthias Fischer	49f7ee5d72	snort: Update to 2.9.11 For details see: Release notes: https://snort.org/downloads/snort/release_notes_2.9.11.txt Changelog: https://snort.org/downloads/snort/changelog_2.9.11.txt Best, Matthias Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-10-23 16:24:46 +01:00
Michael Tremer	cd8a7fc1eb	Start Core Update 116 Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-10-23 16:24:10 +01:00
Matthias Fischer	a809d7fa68	xz: Update to 5.2.3 For details see: https://git.tukaani.org/?p=xz.git;a=blob;f=NEWS;hb=HEAD Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-10-23 13:22:01 +01:00
Arne Fitzenreiter	9064ba72fe	drop httpscert and merge to apache initskript Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2017-10-22 15:50:38 +02:00
Michael Tremer	0d6b6a219f	core115: Add missing parameter to actually generate new certificates Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-10-21 11:20:02 +01:00
Arne Fitzenreiter	cf361ef4b5	finish core115 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2017-10-18 21:25:59 +02:00
Arne Fitzenreiter	fb1eb40f9b	core115: add extrahd.cgi to updater this file was missing in early core114 testbuilds so ship it again. Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2017-10-18 21:25:45 +02:00
Arne Fitzenreiter	fcd8ab4c23	Merge branch 'master' into core115	2017-10-18 21:20:23 +02:00
Peter Müller	6c6c1e3f04	redirect to TLS WebUI if authorisation required Do not allow credentials being submitted in plaintext to Apache. Instead, redirect the user with a 301 to the TLS version of IPFire's web interface. Signed-off-by: Peter Müller <peter.mueller@link38.eu> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2017-10-18 15:57:57 +01:00

1 2 3 4 5 ...

11193 Commits